实验四利用wireshark分析DNS实验报告

陕西师范大学计算机网络实验报告年级：2008级计算机科学与技术姓名：学号：实验日期：2010.10.20实验名称：利用wireshark分析DNS一、实验目的1、学会使用nslookup工具查询并分析Internet域名信息或诊断DNS服务器。学会使用ipconfig工具进行分析。2、会用wireshark分析DNS协议。对DNS协议有个全面的学习与了解。二、实验器材1、接入Internet的计算机主机；2、抓包工具wireshark和截图工具snagit。三、实验内容1.RunnslookuptoobtaintheIPaddressofaWebserverinAsia.theIPaddressof：166.111.4.1002.RunnslookuptodeterminetheauthoritativeDNSserversforauniversityinEurope.实验结果如下图：3.RunnslookupsothatoneoftheDNSserversobtainedinQuestion2isqueriedforthemailserversforYahoo!mail.实验结果如下图：4.LocatetheDNSqueryandresponsemessages.ArethensentoverUDPorTCP?答：DNSqueryandresponsemessages如下图标注，TheyatesentoverUDP；5.WhatisthedestinationportfortheDNSquerymessage?WhatisthesourceportofDNSresponsemessage?答：thedestinationportis：64211（64211）thesourceportis：domain（53）6.TowhatIPaddressistheDNSquerymessagesent?UseipconfigtodeterminetheIPaddressofyourlocalDNSserver.ArethesetwoIPaddressesthesame?答：ip地址10.0.163.199，这两个IP地址是一样的。试验截图如下7.ExaminetheDNSquerymessage.What“Type”ofDNSqueryisit?Doesthequerymessagecontainany“answers”?答：“Type”ofDNSqueryis（hostaddress）没有包含“answer”；8.ExaminetheDNSresponsemessage.Howmany“answers”areprovided?Whatdoeachoftheseanswerscontain?答：“answers”如下图：9.ConsiderthesubsequentTCPSYNpacketsentbyyourhost.DoesthedestinationIPaddressoftheSYNpacketcorrespondtoanyoftheIPaddressesprovidedintheDNSresponsemessage?答：10.Thiswebpagecontainsimages.Beforeretrievingeachimage,doesyourhostissuenewDNSqueries?答：myhostissuedon’tissuenewDNSqueries。11.WhatisthedestinationportfortheDNSquerymessage?WhatisthesourceportofDNSresponsemessage?答：thedestinationportfortheDNSquerymessage：thesourceportofDNSresponsemessage：他们是相同的。12.TowhatIPaddressistheDNSquerymessagesent?IsthistheIPaddressofyourdefaultlocalDNSserver?IPaddress：202.117.144.2ThisistheIPaddressofmydefaultlocalDNSserver（202.117.144.2）13.ExaminetheDNSquerymessage.What“Type”ofDNSqueryisit?Doesthequerymessagecontainany“answers”?答：“Type”ofDNSquery“answers”：14.ExaminetheDNSresponsemessage.Howmany“answers”areprovided?Whatdoeachoftheseanswerscontain?答：15.Provideascreenshot.16.TowhatIPaddressistheDNSquerymessagesent?IsthistheIPaddressofyourdefaultlocalDNSserver?IPaddress:202.117.144.2他们是相同的。17.ExaminetheDNSquerymessage.What“Type”ofDNSqueryisit?Doesthequerymessagecontainany“answers”?18.ExaminetheDNSresponsemessage.WhatMITnameserversdoestheresponsemessageprovide?DoesthisresponsemessagealsoprovidetheIPaddressesoftheMITnamesers?答：MITnameservers如下划线thisresponsemessagedon’tprovidetheIPaddressesoftheMITnamesers。19.Provideascreenshot.20.TowhatIPaddressistheDNSquerymessagesent?IsthistheIPaddressofyourdefaultlocalDNSserver?Ifnot,whatdoestheIPaddresscorrespondto?Ipaddress：18.72.0.3ThisisnottheIPaddressofmydefaultlocalDNSserver。theIPaddresscorrespondtobit.mit.edu21.ExaminetheDNSquerymessage.What“Type”ofDNSqueryisit?Doesthequerymessagecontainany“answers”?type如下图：Answer如下图：22.ExaminetheDNSresponsemessage.Howmany“answers”areprovided?Whatdoeseachoftheseanswerscontain?答：3个answer23.Provideascreenshot.四、实验总结1、通过实验学会了对DNS协议的分析，能借助于nslookup和ipconfig对DNS进行分析。2、通过实验让自己更清楚的认识了域名的定义。3、学会了ipconfig的相关操作，能熟练的运用ipconfig进行操作。